Before you begin  

Sign into Okta with admin permissions and set up an Okta account. 

STEPS IN CASPIO DIRECTORIES  

  1. In Caspio directories, in the Identity providers tab, click Add identity provider.

Links from the 1. Service provider information section will be needed later to configure the external identity provider.

STEPS IN OKTA  

  1. Sign in to Okta with admin account and select Applications > Applications 
  2. In Create a new app integration, select Create App Integration SAML 2.0.
  3. In the General Settings tab, configure the general settings and select Next.
  4. In the Configure SAML tab, fill in Single sign on URL and Audience URL (SP Entity ID) with Caspio service provider information according to the following table:
Caspio Service provider informationOkta Configure SAML
Copy the Service provider identifier (Entity ID) URL... … and paste it into Audience URL (SP Entity ID) field.
Copy the Reply URL (Assertion consumer service URL)...… and paste it into the Single sign on URL field. 

  1. In the Feedback tab, select a relevant option. Click Finish.
  2. In Okta, open the SAML Signing Certificates section and select View SAML setup instructions. You will need it in step 8b.

STEPS IN CASPIO DIRECTORIES  

  1. In Caspio, go to the identity provider you are adding.
    1. Enter the name and select a user identifier in 2. Identity provider information. We recommend using the default Email field. 
    2. Provide the copied links from step 7 according to the following table:  
Okta View SAML setup instructions  Caspio Identity provider information  
Copy the Identity Provider Single Sign-On URL...  …and paste it into Single sign-on URL field in Caspio 
Copy the Identity Provider Issuer... …and paste it into the Identity provider identifier field in Caspio 

    1. In the SAML Signing Certificates section, download X.509 Certificate. You will need it in step 9.
  1. In the SAML signing certificate (x.509), upload a certificate from step 8c.
  2. Click Select and enable.

Testing 

  1.  Add a user to a group in Okta.  
    1. From the left menu, select Directory > People, and then click Add person
    2. Enter the first and last name of the user. 
    3. Enter the same username as in the directory. 
    4. In the Password field, select Set by admin and enter the password.
    5. Optional: Clear the User must change password on first login checkbox. 
    6. Save the changes.
    7. From the left menu, click Applications and select the newly created app.
    8. Click the Assign button > Assign to people.
    9. Select the newly created user and click Assign 
  1. Add a user in Caspio directories.
    1. In the Users tab, create a user.  
    2. Fill in an email address of the testing user from OKTA (step 1a of the testing procedure). User email in Okta and Caspio directory must match.  
    3. Select sign-in method as per the identity provider name set up in step 4 above.  
  1. Sign in to user portal with Okta. 
    1. In Caspio directories, select User portal. 
    2. In the User portal URLs, click the Settings URL. 
    3. In the login page of a user portal, enter an email address of the newly created test user in Caspio directory. 
    4. In Okta login page, log in with the Okta credentials. 
    5. You should be redirected to the Settings page of the user portal where you can see the profile information of the logged in user, including the email address.